Lucene search
K

45072 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 7:52 a.m.6 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.2CVSS7.2AI score0.00552EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/29 5:52 a.m.534 views

SPIP - Remote Command Execution

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. id: CVE-2023-27372 info: name: SPIP - Remote Command Execution author: DhiyaneshDK,nuts7 severity: critical description: ...

9.8CVSS7.4AI score0.99637EPSS
Exploits23References5
Nuclei
Nuclei
added 2026/06/29 5:52 a.m.43 views

TerraMaster TOS - Unauthenticated Remote Command Execution

TerraMaster TOS = 4.2.06 is susceptible to a remote code execution vulnerability which could allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php via the Event parameter. id: CVE-2020-28188 info: name: TerraMaster TOS - Unauthenticated Remote Command Execution...

10CVSS8.1AI score0.96598EPSS
Exploits3References5
Amazon
Amazon
added 2026/06/29 12:0 a.m.6 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.9CVSS6AI score0.00412EPSS
Exploits0
Amazon
Amazon
added 2026/06/29 12:0 a.m.5 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.9CVSS6AI score0.00412EPSS
Exploits0
Amazon
Amazon
added 2026/06/29 12:0 a.m.6 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

9.8CVSS5.9AI score0.00701EPSS
Exploits0
Amazon
Amazon
added 2026/06/29 12:0 a.m.5 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

9.8CVSS5.8AI score0.00701EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53737

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.471 Description An authenticated command injection issue exists in the Destination Network Management functionality. Users with destination management permissions can execute arbitrary commands as root on...

8.8CVSS6.8AI score0.01092EPSS
Exploits0References4
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.52 views

Cleo Harmony < 5.8.0.24 - File Upload Vulnerability

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. id: CVE-2024-55956 info: name: Cleo Harmony...

9.8CVSS7.8AI score0.93804EPSS
Exploits4References2
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.128 views

SAP Solution Manager 7.2 - Remote Command Execution

SAP Solution Manager SolMan running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet tcsmdagentapplicationeem. The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information...

10CVSS7.8AI score0.98376EPSS
Exploits7References7
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.9 views

PT-2026-53222

Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description An OS command injection flaw exists in the POST Parameter Handler component. The issue occurs within the sub 400E40 function of the setconf.cgi file. A remote attacker can exploit this by manipulatin...

9CVSS7.6AI score0.02706EPSS
Exploits1References10
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39926

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : cups (EulerOS-SA-2026-2437)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local...

7.8CVSS6.7AI score0.00502EPSS
Exploits7References8
NVD
NVD
added 2026/06/26 11:17 p.m.16 views

CVE-2026-55975

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:58 p.m.7 views

CVE-2026-55975

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 10:58 p.m.26 views

CVE-2026-55975 H.VIEW HV-500S6 IP Camera OS Command Injection

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 6:17 p.m.5 views

CVE-2026-55441

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files mise.toml, .tool-versions through trustcheck, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir mise-tasks/,...

8.6CVSS0.00184EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 6:16 p.m.10 views

CVE-2026-33646

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not...

9.6CVSS0.00685EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/06/26 6:13 p.m.136 views

Apache Struts 2 - Remote Command Execution

Apache Struts 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is susceptible to remote command injection attacks. The Jakarta Multipart parser has incorrect exception handling and error-message generation during file upload attempts, which can allow an attacker to execute arbitrary commands via a...

10CVSS7.8AI score0.99999EPSS
Exploits44References5
Nuclei
Nuclei
added 2026/06/26 6:13 p.m.78 views

Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution

Zoho ManageEngine ADSelfService Plus version 6113 and prior are vulnerable to a REST API authentication bypass vulnerability that can lead to remote code execution. id: CVE-2021-40539 info: name: Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution author:...

9.8CVSS7.9AI score0.9896EPSS
Exploits8References5
Rows per page
Query Builder